7 things you can do to stay safe online

Most of us use the internet every day. We shop online, bank online, network and apply for jobs online. Each of those activities leaves behind a trail of our information. It may not matter if some of that data falls into the wrong hands – but it’s clearly critical to protect anything related to our financial affairs. Here are 7 tips that can help protect your data, privacy, and money online.


1. Choose strong, unique passwords

We know – you probably have a list of passwords that’s getting longer by the day. That makes it tempting to pick ones that are simple so they’re easy to remember, or to use the same password for multiple sites. Don’t do it!

Your password is the key to all the personal and financial information available on a website after you log in. To make that key as hard to copy as possible:

  • Mix letters, numbers, and special characters.
  • Avoid easy-to-guess passwords, like your name, names of people in your family, your birthday, your telephone number.
  • Avoid real words. Try putting the first few words of a rhyme together with your favourite number (e.g., maryhada3 or hickorydickory8) or use the first letters of each word in a song you like (e.g., Iw2hyh for “I want to hold your hand”)
  • Avoid saving your password in your browser.

And, even though this makes managing that long list of passwords harder, it’s also important to change your passwords frequently.

2. Always sign out

Finished using a website? Sign out and quit your browser. On a shared or public computer, sign out, clear your history in the browser, then quit. For extra security, disconnect from the internet when you don’t need to be connected. 

3. Use anti-virus software

Every time you open an email attachment, download a file from a website, plug in a USB drive or even insert a CD or DVD, malware (malicious software) can slip into your computer. Once it’s there, it can steal sensitive information or take over the operation of your computer. Anti-virus software scans all data that tries to enter your computer and tells you if it detects a virus. It can also quarantine viruses that are already on your computer to prevent them from spreading.

4. Install a firewall

Keep intruders out with a firewall. This software, hardware, or a mix of both creates a barrier between your computer and the rest of the internet and can prevent attacks on your computer.

5. Keep software updated

The security of your computer and all the personal information it contains is only as good as the security software on your machine, so install updates and patches as soon as they are available. If possible, set your computer to check automatically for operating system and security software (anti-virus and firewall) updates.

6. Be cautious on public Wi-Fi

Avoid logging in to a website or app on a public Wi-Fi hotspot. These networks are often not secure, so other people may be able to access the information you send across them. To make sure you don’t expose your data without meaning to, make sure your device isn't set up to automatically connect to nearby Wi-Fi. If you must use public Wi-Fi:

  • Confirm that the Wi-Fi network is valid with someone who works at the location before you connect.
  • Confirm websites or apps you use fully encrypt information from the moment you sign in to the moment you sign out
  • Look for the lock symbol on the website or https in front of website addresses – it’s more secure than standard http.
  • Sign out as soon as you finish using the website or app and delete your browser history.
  • Use unique passwords for different websites.
  • Pay attention to warnings from your web browser about fraudulent websites and malware.
  • Keep your web browser and security software up to date.
  • Use a virtual private network (VPN) to access accounts on public Wi-Fi; available from VPN service providers, virtual private networks encrypt traffic even on networks that aren't secure.

7. Don’t aggregate

Using account aggregation services to consolidate account information in one online location may seem convenient, but it’s not worth the security risk. Aggregation providers may ask for your sign in information and password. At Manulife Bank, we use your access card number, online/mobile password, personal verification passwords, security questions and access card personal identification number (PIN) to identify you and protect your accounts.

Under the terms of your agreement with Manulife Bank, you must keep all of this information confidential and cannot disclose it to third parties – including aggregation providers. If you do disclose it, you could be held responsible for losses and damages that result from that disclosure. For example, you could be liable for any unauthorized access to your accounts or transactions, whether or not you are aware of a specific transaction.

If you decide to revoke authority already given to an aggregation provider:

  • Change your online/mobile password
  • Change your security questions

This will help ensure the aggregation provider cannot continue to access your Manulife Bank accounts.

An ounce of prevention …

At Manulife Bank, the security of your personal and financial information is one of our top priorities and we invest in high levels of encryption to protect you – but what you choose to do online is important too. For more info, read our mobile banking security tips, and learn more about emerging cyber-threats at Microsoft Secure.


The security of your computer and all the personal information it contains is only as good as the security software on your machine, so install updates and patches as soon as they are available.”